Nexus Journal Guide
How Nexus Journal Handles Trading Data and Privacy
Nexus Journal is designed as a local-first trading workspace. Journal records and application state are primarily stored in the user's browser profile, while explicitly enabled integrations such as broker connections, licensing, payments, or Google Drive backup cross that local boundary for their stated purpose.
Reviewed 2026-07-15 by Nexus Journal product team.
What local-first means
Core journal state uses browser storage such as IndexedDB and localStorage. This gives the user direct control over the browser profile that contains the journal, but it also means clearing site data or losing the profile can remove local records unless a backup exists.
Local-first is not the same as zero network activity. Market data, broker APIs, payment verification, licensing, news, and optional backup features require network requests when the user uses them.
Backups and recovery
Users should keep tested backups. Nexus supports local backup and restore workflows and optional Google Drive backup paths; a backup is useful only when it can be restored and contains the expected portfolios and workspace state.
Broker source reports should also be retained independently because they remain the authoritative record for executions and reconciliation.
Credentials and connected services
Broker tokens or credentials are used for the connection the user configures. Backups intentionally exclude selected broker access-token material, and public SEO or Markdown pages never include a user's journal, account, credential, or portfolio data.
Payment, licensing, referral, and authentication services have narrower server-side responsibilities and should not be interpreted as a server-side copy of the user's complete journal.
Practical user responsibilities
Protect the device and browser profile, use trusted networks for connected services, verify imports, keep recovery copies, and remove broker access when it is no longer needed.
No storage design eliminates every risk. Users should avoid entering secrets into free-text notes and should report suspected security issues through the official support channel rather than publishing sensitive details.